Title :
An Ontology for Vulnerability Lifecycle
Author :
Wita, Ratsameetip ; Jiamnapanon, Nattanatch ; Teng-amnuay, Yunyong
Author_Institution :
Center of Excellence in Software Eng., Chulalongkorn Univ., Bangkok, Thailand
Abstract :
System vulnerability is a major cause of failures in complex systems. Relevancy analysis and ranking of vulnerabilities are important for system administrative work. Our research roadmap is to define a framework for prioritizing vulnerabilities based on relevancy gleaned from online information. In order to do that, a systematic representation of knowledge is needed. In this paper, the relationship between the lifecycle and the characteristics of vulnerability-related information is defined and used in building the Vulnerability Lifecycle Ontology (VLO). VLO is further enriched by a standardized naming scheme, a vulnerability database, a taxonomy, and related documents from the Internet. VLO will be used as the knowledge base in the vulnerability relevancy framework.
Keywords :
ontologies (artificial intelligence); security of data; software maintenance; Internet; complex systems failures; online information; relevancy analysis; standardized naming scheme; system vulnerability; systematic knowledge representation; taxonomy; vulnerability database; vulnerability lifecycle ontology; Data security; Databases; Informatics; Information analysis; Information security; Information technology; Internet; Ontologies; Software engineering; Taxonomy; CVE; Risk prioritization; Security management; Security related ontology; Vulnerability lifecycle;
Conference_Title :
Intelligent Information Technology and Security Informatics (IITSI), 2010 Third International Symposium on
Conference_Location :
Jinggangshan
Print_ISBN :
978-1-4244-6730-3
Electronic_ISBN :
978-1-4244-6743-3
DOI :
10.1109/IITSI.2010.141